Ken Foskey wrote:
> Funny, slashdot.org has a thread about that
> http://it.slashdot.org/article.pl?sid=04/09/17/1438208&tid=172&tid=8
> Read all the article that is linked, the interesting bits are at the
> bottom. Note that the author wrote the mailman application so he is not
> a corporate shill.

Interesting! That debate underlines even more the necessity of Auditing and
Re-Compilation before deployment. It will be interesting to see how the Commercial
Software developers would react if it is "the law". Most commercial software
developers have auditors, but from my experience commercial software is
audited mainly to ensure there is no copyright infringement. Security has been
less of a priority as far as auditors are concerned. I think software security
should now be prioritised at the same level as copyright infringement. Preventing
copyright infringement does not need re-compilation; but security does.
Common sense will tell us that Open Source is rigorously audited by its nature. And it is a simple process to catch security breaches even by using simple
tools like "diff", etc.

--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
